Skip to content

Instantly share code, notes, and snippets.

@loganhasson

loganhasson/setup-some-servers.md

Created May 22, 2014 14:58
Show Gist options
  • Save loganhasson/02f576bdfa9c40557aa5 to your computer and use it in GitHub Desktop.
Save loganhasson/02f576bdfa9c40557aa5 to your computer and use it in GitHub Desktop.
Download ZIP
Let's set up a cool cluster of Ubuntu 12.04LTS 64-bit servers.
Raw
setup-some-servers.md

Note: All steps assume you are running Ubuntu 12.04LTS 64-bit servers. Most of these steps should apply to any distribution of Ubuntu, however.

App Servers

Steps

  1. apt-get update
  2. apt-get upgrade
  3. apt-get install build-essential
  4. apt-get install sqlite3 libsqlite3-ruby libsqlite3-dev
  5. apt-get install libyaml-dev
  6. apt-get install libpq-dev
  7. apt-get install git
  8. curl -L get.rvm.io | bash -s stable
  9. source /etc/profile.d/rvm.sh
  10. rvm reload
  11. rvm install 2.1.0
  12. apt-get install nodejs
  13. gem install bundler rails
  14. gem install unicorn
  15. Add to ~/.bashrc:
source /etc/profile.d/rvm.sh
rvm reload

Manual App Setup

  1. cd /var
  2. mkdir www
  3. cd www

application needs to have a pids directory

Clone App Repo

  1. cd /var/www
  2. git clone <app_repo>

Unicorn Config

  1. vi config/unicorn.rb
  2. Add the following:
working_directory "/var/www/<app_dir_name>"

pid "/var/www/<app_dir_name>/pids/unicorn.pid"

stderr_path "/var/www/<app_dir_name>/log/unicorn.log"
stdout_path "/var/www/<app_dir_name>/log/unicorn.log"

worker_processes 2

timeout 30

Migrate Database

  1. rake db:migrate RAILS_ENV=<production/development>

Start Unicorn

  1. unicorn_rails -c config/unicorn.rb -D -E production/development

Add Server IP to Load Balancer Server

  1. ifconfig and add IP Address to /etc/nginx/nginx.conf on Load Balancer server

Random Capistrano Tidbits

  1. default_run_options[:pty] = true

Server Hardening

On Server

  1. useradd -s /bin/bash -G sudo -m <username>
  2. passwd <username> (Enter password when prompted.)

Locally

  1. ssh-copy-id -i ~/.ssh/id_rsa.pub <username@remote-host>
  2. ssh <username@remote-host>

On Server

  1. sudo nano /etc/ssh/sshd_config
  2. Change PermitRootLogin yes to PermitRootLogin no
  3. sudo restart ssh

Database Server

Steps

  1. apt-get update
  2. apt-get upgrade
  3. apt-get install build-essential
  4. apt-get install git
  5. vi /etc/apt/sources.list.d/pgdg.list
  6. deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main (Note: replace precise with name of Ubuntu release. Get your current release name by typing lsb_release -c.)
  7. apt-get update
  8. apt-get upgrade
  9. Potential error handling:
apt-key adv --recv-keys --keyserver keyserver.ubuntu.com 7FCC7D46ACCC4CF8
  1. apt-get install postgresql-9.3 pgadmin3
  2. sudo -u postgres psql postgres
  3. On psql command line:
  • \password postgres and set password.
  • \q to quit

Set Up Database and Roles

  1. sudo -u postgres psql
  2. On psql command line:
  • CREATE USER <user_name> WITH PASSWORD '[password]';
  • CREATE DATABASE <database_name> OWNER <user_name>;
  • \q to quit
  1. vi /etc/postgresql/9.3/main/postgresql.conf
  2. Find line: #listen_addresses = 'localhost' and change to: listen_addresses = '*'
  3. vi /etc/postgresql/9.3/main/pg_hba.conf
  4. Find section: # Put your Actual configuration here
  5. After comment block:
# TYPE   DATABASE      USER        ADDRESS        METHOD
host        all        all        0.0.0.0/0        md5
  1. service postgresql restart

Configuring the Rails App

  1. Edit config/database.yml:
production:
  adapter: postgresql
  encoding: utf8
  database: <database_name>
  username: <database_username>
  password: <password>
  host: <host_ip_address>
  port: 5432
  pool: 10
  1. Edit Gemfile:
  • gem 'pg'
  • bundle

Load Balancer

Steps

  1. apt-get update
  2. apt-get upgrade
  3. apt-get install build-essential
  4. apt-get install nginx
  5. useradd nginx --no-create-home
  6. vi /etc/nginx/nginx.conf and replace with:
# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

user              nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log;
#error_log  /var/log/nginx/error.log  notice;
#error_log  /var/log/nginx/error.log  info;

pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;

    # Load config files from the /etc/nginx/conf.d directory
    # The default server is in conf.d/default.conf
    # include /etc/nginx/conf.d/*.conf;

    upstream unicorn_servers {
        server 172.31.32.79:8080 fail_timeout=0;
    }
  
    server {
        listen 80;

        location / {
            proxy_set_header        Host $host;
            proxy_set_header        X-Real-IP $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;

            proxy_pass http://unicorn_servers;
        }
    }
}
  1. Update server list under upstream unicorn_servers
  2. service nginx start
  3. If error, add types_hash_max_size 2048; in http section and resave.
  4. service nginx restart

Tune Those Servers

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment